<?php
 session_start();
 $email = $_POST['l_email'];
 $temp_pass = $_POST['l_password'];
 $password = md5($_POST['l_password']);
 $user_id="";
 $status=0;

if ($email == "" || $temp_pass=="")
{
	echo 'blank_email_password'; // for blank email address
	exit;
}
 else if (preg_match("/^[\w-\.]+@([\w-]+\.)+[\w-]{2,4}$/", $email)) 
{
	
} 
else 
{
    echo 'invalid_email';
	exit;
}


$tbl_name = "user_info";
 include('config.php');
 //Connect to server and select database.
 
// $mysqli=mysqli_connect($db_server,$db_user,$db_pass,$db_database);

// Create Mysqli object
$db = new mysqli($db_server,$db_user,$db_pass,$db_database);

// Create statement object
$stmt = $db->stmt_init();

// Create a prepared statement
if($stmt->prepare("SELECT user_id, status FROM $tbl_name WHERE `email` = ? AND password = ?")) {
 
    // Bind your variable to replace the ?
    $stmt->bind_param('ss', $email,$password);
 
  
    // Execute query
    $stmt->execute();
	
	
	
}

$stmt->bind_result($user_id,$status);



//fetch result
$stmt->fetch();


// Close statement object
   $stmt->close();
   
   if($status==0 && $user_id!="")
   	{ echo "inactive"; }
	else
   {
	   if($user_id=="")
	   {
		   echo "false";
		   }
		else{
			 $_SESSION['user_id']=$user_id;
			 $_SESSION['email']=$email;
			 
			echo "true";
			}
   }
 /*$query = "SELECT * FROM $tbl_name WHERE email='$email' AND password='$password'";
 $result = mysqli_query($mysqli,$query)or die(mysqli_error($mysqli));
 */
 

 
/* $num_row = mysqli_num_rows($result);
 $row=mysqli_fetch_array($result);
 */
 //
 
 /*if( $num_row >0 ) {
  echo 'true';
  $_SESSION['email']=$row['email'];
  $_SESSION['user_id']=$row['user_id'];
  
 }
 else{
 echo $password;
 }*/
?>